An altered version of nimhax to pwn dsp with an emulated ps:ps service, set GPUPROT and exploit kernel.
- httpwn is fixed up for HTTP
v14336(introduced in 11.4) - nimhax is prepared for NIM
v14341(introduced in 11.8) - dsp pwn is prepared for DSP
v7169(introduced in 11.1)
Any version between since 11.8 until and including 11.17 (latest as of this writing) should be able to run it fine.
(Included credits from original ctr-httpwn)
- @Tuxsh for the exploit writeup in C for killing PS, emulating it and ipctakeover DSP and set GPUPROT to 0.
- @Tuxsh for the >= 11.4 httpwn method
- @zoogie for fix up on the httpwn sharedmem rop generation code and addresses with the mentioned above resourse. As well fix up bosshaxx addresses.
- This uses the decompression code from here for ExeFS .code decompression: https://github.com/smealum/ninjhax2.x/blob/master/app_bootloader/source/takeover.c
- Tinyxml2 is used for config XML parsing, via portlibs.
- @ihaveamac for the app icon(issue #1).
- types.h at ipctakeover/boss/ is from ctrtool.
- The filepath for "url_config.txt" is from here: https://github.com/skiptirengu/ctr-httpwn
This is a duplicate repository of ctr-httpwn because this did not start as a fork of it, this was initialized differently and also could not private fork the repository. This started as a private repository.